Securing BYOD: Safer use of personal smartphones, tablets and laptops at work

ICO survey reveals extent of risk

Following on from our blog ‘6 smartphone security best practice tips’, the wider issue of the security of personally owned mobile computing devices also needs to be looked at.
The phenomenon of Bring Your Own Device (BYOD) is now well established. This is great for businesses; employees use their own smartphones, tablets and laptops for work. Clearly this is beneficial in that it means businesses don’t bear the burden of hardware capital investment. It also has implications for greater efficiency and productivity, more flexible working and improved morale. So it’s WIN-WIN… WIN-WIN!
Attractive as this undoubtedly is, it does have significant implications for network and data security. This was highlighted in a survey by YouGov on behalf of the UK’s information regulator, the Information Commissioner’s Office (ICO), earlier this year. The survey revealed:

  • 47% of UK adults now use personal smartphones, tablets or laptops for work
  • Less than 3 in 10 are provided with guidance on how they should use the devices for work
  • Email is the most common work activity for 55% of BYOD users
  • 37% use BYOD devices to edit work documents
  • 36% store work documents on BYOD devices

From the perspective of commercial confidentiality, these activities mean that information which could be commercially sensitive or business critical may be processed through an unsecure device. From a regulatory point of view, if personal information is handled without due consideration, this may contravene the Data Protection Act.
Here are some points to note from the ICO for using BYOD safely in your business.

1. Passwords

Use a strong password to secure your devices.

2. Encryption

Use encryption to store data on the device securely.

3. Automatically delete

Ensure that access to the device is locked or data automatically deleted if an incorrect password is input too many times.

4. Automatically lock

Ensure that the device automatically locks if inactive for a period of time.

6. Remote deletion

Make sure users know exactly which data might be automatically or remotely deleted and under which circumstances.

7. Separate business from personal use

Maintain a clear separation between the personal data processed on behalf of the data controller and that processed for the device owner’s own purposes, for example, by using different apps for business and personal use.

BYOD advice and service you can trust from Paralogic

Do you know about MDM (Mobile Data Management) solutions that manage BYOD devices from a single screen console? If you need a trusted technology partner to help with any aspect of network, mobile device or BYOD security simply fill in the form on the right or call us on 01844 293 330.
Click here to download the ICO’s guidance ‘Bring Your Own Device (BYOD)’ as a PDF file from the ico.org.uk
 
 
 
 




LATEST BLOG POSTS

Why Paralogic has been named one of Britain’s 50 Best Managed IT Companies

2nd January 2020

For more than 20 years, Paralogic has been working with small and medium sized businesses, providing IT support and services they can rely on. We’re thrilled, therefore, to be named among the best British MSPs,…

Read More

Equifax security breach: What if it happened under GDPR?

9th October 2019

The European Union’s General Data Protection Regulation (GDPR) is the most significant shake up of information security for many years. Despite the toughening of rules and the harsh treatment of companies by regulators and the…

Read More